Ah, the security vulnerability that was used in the Google attack. It's been around the internet about a million times now, and even governments havestarted advising people to move away from Internet Explorer. As is usually the case, however, the internet has really blown the vulnerability out of proportion. I'll get right to it: if your machine and/or network has been compromised via this vulnerability, then you most likely had it coming. No sympathy for you.

Even if he has developed an exploit that doesn't mean the machine can be taken over. From the same article: Note that IE7 still has protected mode implemented by default, so even if an attacker can get the exploit to execute, there's not a lot he can do, because he's running in the crippled user context of protected mode.

A Vista machine _might_ not do much, but XP has no protected mode and will do whatever the exploit wants.

But once you have native code running finding another bug somewhere or use another unpatched flaw is just another small step. Most black hats have multiple options at that point.

Just like DEP only really works on new CPUs. Athlon XPs and P4s etc are out of luck.

Anyways, IE8 is still kinda new and the majority of XP users still use IE6 (like the whole of China) or IE7 and they are right now all f--ked. So it is still the majority of Windows users overall and with each passing day it is likely to get worse.

No, it isn't. The Aurora exploit now works with IE7 on XP and Vista. IE8 on XP SP2 and Vista SP0 does not use DEP and so it is just a matter of time or effort until IE8 gets cracked. And even with DEP you aren't secure until a real fix is released.

Ok, I've had enough of this, I can't sit by and just read the dumb comments anymore. Seriously, Vista SP0? Why are we even talking about people who intentionally sabatoge their computers? SP0? FFS? Let me sumarize the part of the article that discusses SP0.

People who disable updates deserve to have computers that r belong to someone else! Is it Microsoft's fault the driver didn't buckle their seat belt? RTFM